eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-15 21:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
167 Commits 13 Branches 79 Tags
f47b7ba425fb8fc39b3358dc35d4ac31c864cd6d
Commit Graph

167 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
7bc5829c43 * Implement old API calls using new functions. 
Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@97 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 18:10:02 +00:00
Milan Broz
d70782478e * Add new libcryptsetup API (documented in libcryptsetup.h). 
Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@96 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 18:09:53 +00:00
Milan Broz
344a162a29 * Replace global options struct with separate parameters in helper functions. 
Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@95 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 18:09:43 +00:00
Milan Broz
74b26c7b8a * Run performance check for PBKDF2 from LUKS code, do not mix hash algoritms results. 
* Add ability to provide pre-generated master key and UUID in LUKS header format.
* Add LUKS function to verify master key digest.
* Move key slot manuipulation function into LUKS specific code.

Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@94 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 18:09:34 +00:00
Milan Broz
cee0f0b49f * Move device utils code and provide context parameter (for log). 
* Keyfile now must be provided by path, only stdin file descriptor is used (api only).
* Do not call isatty() on closed keyfile descriptor.

Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@93 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 18:09:21 +00:00
Milan Broz
bf7819ccef * Add log macros and make logging modre consitent. 
* Move command successful messages to verbose level.
* Introduce --debug parameter.

Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@92 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 18:07:17 +00:00
Milan Broz
4e471a9b03 * Move memory locking and dm initialization to command layer. 
* Increase priority of process if memory is locked.

Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@91 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 18:07:00 +00:00
Milan Broz
ab953b3ff6 Require device device-mapper to build and do not use backend wrapper for dm calls. 
Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@90 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 17:56:33 +00:00
Milan Broz
5c42db87bf Test commit. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@89 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-30 17:49:37 +00:00
Milan Broz
04a0f5dfb8 Fix include path. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@88 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-28 15:54:03 +00:00
Milan Broz
b30c1c7f43 Add separate tests directory, move LUKS tests, Add old library API tests. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@87 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-28 15:22:37 +00:00
Milan Broz
d980dbb300 Allow restrict keys size in LuksOpen (thanks to Stefan Assmann) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@86 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-17 11:04:36 +00:00
Milan Broz
02707608db Allow using passphrase provided in options struct for LuksOpen (thanks to Waldemar Brodkorb). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@85 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-17 11:03:29 +00:00
Milan Broz
a0d1056e0f Fix PBKDF2 speed calculation for large passhrases. 
- Do not reset key each iteration.
- Fix error path.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@84 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-08-17 06:28:22 +00:00
Milan Broz
a0b795becb Enable LUKS hash setting and document it. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@83 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 15:02:53 +00:00
Milan Broz
1a10c59b97 Remove internal SHA1 implementation, not needed now. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@82 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 15:01:22 +00:00
Milan Broz
88bdb609a8 Move XOR function to af.c, nobody outside of it use it now. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@81 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 14:59:10 +00:00
Milan Broz
ed9e146cb6 Add required parameters for changing hash used in LUKS key setup scheme. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@80 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 14:57:52 +00:00
Milan Broz
7e7c9c176c Switch PBKDF2 from internal SHA1 to libgcrypt. 
Also make hash algorithm not fixed here.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@79 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 14:56:59 +00:00
Milan Broz
aab7fecd2e Return ENOENT for empty keyslots, EINVAL will be used later for other type of errors. 
(also clean some spaces)



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@78 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 14:55:24 +00:00
Milan Broz
c5c403323e Remove po/cryptsetup-luks.pot, it's autogenerated (thanks to Ivan Stankovic) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@77 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 14:48:08 +00:00
Milan Broz
4a257d8c65 Print error when getline() fails (thanks to Ivan Stankovic) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@76 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 14:46:56 +00:00
Milan Broz
f60475e293 Fix DEBUG output (thanks to Ivan Stankovic) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@75 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-30 14:46:20 +00:00
Milan Broz
e3e3027e12 Optimize o_direct read/writes. 
* Pad luks header to 512 sector size. We need read/write in whole
sector anyway and space is unused (wiped in luksFormat) so there is
no need for read/seek/write exercise.

* Rework read/write blockwise to not split operation to many pieces.
thanks to Sebastian Andrzej Siewior:

  The buffer has to be aligned due to the O_DIRECT in open(). Currently a small
  blocksize buffer is allocated and everything is read in multiple reads and
  copied back to the original buffer. In my case AFEKSize gets computed to 64000
  which results in 125 reads with 512 bytes each.
  This patch changes this behavior to a single operation where the majority is
  read()/write() plus an optional fixup in case the request is not modulo block
  size.

* Use posix_memalign and check for alignment if available.
Othewise use old align functions. Add autoconf to detect posix_memalign.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@74 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-28 09:29:13 +00:00
Milan Broz
a3c8571df0 Fix segfault if provided slot in luksKillslot is invalid. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@73 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-23 11:04:46 +00:00
Milan Broz
ea0ee83025 Remove unneeded timeout when remove of temporary device succeeded. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@72 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-22 20:21:49 +00:00
Milan Broz
aecd010c3b Cryptsetup version 1.0.7. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@66 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-22 10:43:40 +00:00
Milan Broz
fc2cfe7a32 Allow removal of last slot in luksRemoveKey and luksKillSlot. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@65 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-16 12:59:00 +00:00
Milan Broz
eccc31e9ad Add --disable-selinux option and fix static build if selinux is required. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@64 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-12 21:37:03 +00:00
Milan Broz
0bc3ffae8b Reject unsupported --offset and --skip options for luksFormat and update man page. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@63 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-07-11 07:09:05 +00:00
Milan Broz
c0d99e98e4 cryptsetup 1.0.7-rc1 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@60 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-22 14:13:40 +00:00
Milan Broz
78cd6786fb Add some checks for error codes. 
(fixes warning: ignoring return value ...)



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@59 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-22 12:40:31 +00:00
Milan Broz
3691b36caa Fix device prompt quistion. 
(fixes missing patch chunk in previous commit)



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@58 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-22 12:38:08 +00:00
Milan Broz
9ed9ba3d85 Define device-mapper crypt UUID maximal length and check for its size. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@57 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-21 10:02:10 +00:00
Milan Broz
6fe5246956 Various man page fixes. 
(also merged some Debian/Ubuntu man page fixes, thanks to Martin Pitt)



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@56 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-20 21:15:04 +00:00
Milan Broz
dca5a38513 Set UUID in device-mapper for LUKS devices. 
Device mapper device should use UUID string if possible.
UDEV can then easily distinguish the device type etc.

cryptsetup now uses CRYPT prefix for uuid.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@55 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-20 20:24:56 +00:00
Milan Broz
9160fb0894 Retain readahead of underlying device. 
(If libdevmapper version supports it).



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@54 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-20 20:22:27 +00:00
Milan Broz
8ce294ae3e Display device name when asking for password. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@53 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-20 20:20:41 +00:00
Milan Broz
db96ccef46 Check device size when loading LUKS header. 
(And remove misleading error message later.)

Because kernel and libdevmapper does not provide
better error message then "invalid parameters"
add some error hint if dm-crypt mapping failed.
(Key size and kernel version check for XTS and LRW mode
for now.)



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@52 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-20 09:24:33 +00:00
Milan Broz
91f1e7b59a Use better error messages if device doesn't exist 
or is already used by other mapping.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@51 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-19 17:03:22 +00:00
Milan Broz
d6f68c099e Fix make distcheck (Mike Kelly) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@50 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-06-19 15:53:45 +00:00
Clemens Fruhwirth
04fd9b3208 Should fix Issue 5. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@49 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-04-05 17:21:03 +00:00
Clemens Fruhwirth
fff08051b0 Segfault bugfix thanks to Oliver Metz. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@48 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-04-01 20:36:35 +00:00
Clemens Fruhwirth
c2813c5d7e Remove precompiled pot files. 
Fix uninitialized return value variable in setup.c.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@47 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-01-16 17:06:31 +00:00
Clemens Fruhwirth
c3d5f498b8 Cleanups thanks to Ivan Stankovic 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@46 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-01-13 20:09:17 +00:00
Clemens Fruhwirth
0d34d019a4 Remove unnecessary files from po/. They will be regenerated by ./autogen.sh 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@45 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-01-13 19:48:25 +00:00
Clemens Fruhwirth
12974a1dd3 * Fix wrong output for remaining key at key deletion. 
* Allow deletion of key slot while other keys have the same key
  information (that implied rewritting verification logic).



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@41 36d66b0a-2a48-0410-832c-cd162a569da5
 2008-12-19 19:39:42 +00:00
Milan Broz
3c37d7a1be Add missing AM_PROG_CC_C_O to configure.in 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@40 36d66b0a-2a48-0410-832c-cd162a569da5
 2008-11-05 15:05:15 +00:00
Milan Broz
f1842bb1b6 Remove duplicate sentence in man page (patch by Till Maas). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@39 36d66b0a-2a48-0410-832c-cd162a569da5
 2008-11-05 11:30:21 +00:00
Milan Broz
29640eec72 Wipe start of device before LUKS-formatting. 
Cryptsetup keeps some sectors (between the physical LUKS header
and keyslot data) on disk untouched, unfortunatelly ext2/3/4 signature can
be there and blkid detects filesystem here instead of LUKS.

This patch wipes the first eight sectors on disk with zero during luksFormat.
This should be probably solved by physical header padding in next version.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@38 36d66b0a-2a48-0410-832c-cd162a569da5
 2008-11-05 11:23:24 +00:00